The RISKS Digest
Volume 31 Issue 87

Monday, 25th May 2020

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator


Tesla owner locked thief in car with his iPhone app
See Boston Dynamics' robodog herd sheep and explore in New Zealand
Inside the NSA's Secret Tool for Mapping Your Social Network
Barton Gellman
Nobel laureates and science groups demand NIH review decision to kill coronavirus grant
Doctors tweet about coronavirus to make facts go viral
Re: IS: Cannonball Run record is broken SEVEN times over …
Winston Goodfellow
Re: The ultimate Turing test
Henry Baker
Peter Ladkin
Info on RISKS (comp.risks)

Tesla owner locked thief in car with his iPhone app (Facebook)

geoff goodfellow
Mon, 25 May 2020 05:59:00 -1000


The driver of a Tesla managed to foil a carjacker by using his iPhone app to lock the thief in the car. According to a Facebook post by the police department in Barstow, Calif., the owner was sitting in his Tesla T3 when the thief approached and made him get out of the car.

At that point, the owner of the car was able to remotely turn off the engine and lock the thief inside until police arrived. Business Insider identified the phone as an iPhone.

See Boston Dynamics' robodog herd sheep and explore in New Zealand (Mashable)

geoff goodfellow
Mon, 25 May 2020 06:04:00 -1000

Spot, the robotic “dog” design from Boston Dynamics, has had a busy pandemic, between counseling patients and enforcing social distancing guidelines. Now, a new partnership with a New Zealand robotics firm is setting up the four-legged automaton for a new line of work: farming.

Technically, the partnership is much bigger than that. Rocos specializes in the remote monitoring and operation of robot fleets. By working together, the capabilities of Boston Dynamics robots like Spot will expand thanks to human operators who can manage their performance from a great distance.

Think of the farming thing as a proof-of-concept. A video released by Rocos shows Spot exploring rough terrain, inspecting crops, and herding sheep — all of which is meant to serve as a demonstration of the various ways remote operation can be used to put robots to work. […]

Inside the NSA's Secret Tool for Mapping Your Social Network (Barton Gellman)

Dewayne Hendricks
May 25, 2020 at 18:12:19 GMT+9
[Note: This item comes from friend Jock Gill. DLH]

Barton Gellman, WiReD, 24 May 2020 Inside the NSA's Secret Tool for Mapping Your Social Network

Edward Snowden revealed the agency's phone-record tracking program. But thanks to “precomputed contact chaining,” that database was much more powerful than anyone knew.

In the summer of 2013, I spent my days sifting through the most extensive archive of top-secret files that had ever reached the hands of an American journalist. In a spectacular act of transgression against the National Security Agency, where he worked as a contractor, Edward Snowden had transmitted tens of thousands of classified documents to me, the columnist Glenn Greenwald, and the documentary filmmaker Laura Poitras.

One of those documents, the first to be made public in June 2013, revealed that the NSA was tracking billions of telephone calls made by Americans inside the US. The program became notorious, but its full story has not been told.

The first accounts revealed only bare bones. If you placed a call, whether local or international, the NSA stored the number you dialed, as well as the date, time and duration of the call. It was domestic surveillance, plain and simple. When the story broke, the NSA discounted the intrusion on privacy. The agency collected ‘only metadata’, it said, not the content of telephone calls. Only on rare occasions, it said, did it search the records for links among terrorists.

I decided to delve more deeply. The public debate was missing important information. It occurred to me that I did not even know what the records looked like. At first I imagined them in the form of a simple, if gargantuan, list. I assumed that the NSA cleaned up the list—date goes here, call duration there—and converted it to the agency's preferred “atomic sigint data format.” Otherwise I thought of the records as inert. During a conversation at the Aspen Security Forum that July, six weeks after Snowden's first disclosure and three months after the Boston Marathon bombing, Admiral Dennis Blair, the former director of national intelligence, assured me that the records were stored, untouched, until the next Boston bomber came along.

Even by that account, the scale of collection brought to mind an evocative phrase from legal scholar Paul Ohm. Any information in sufficient volume, he wrote, amounted to a “database of ruin.” It held personal secrets that “if revealed, would cause more than embarrassment or shame; it would lead to serious, concrete, devastating harm.” Nearly anyone in the developed world, he wrote, “can be linked to at least one fact in a computer database that an adversary could use for blackmail, discrimination, harassment, or financial or identity theft.” Revelations of “past conduct, health, or family shame,” for example, could cost a person their marriage, career, legal residence, or physical safety.

Mere creation of such a database, especially in secret, profoundly changed the balance of power between government and governed. This was the Dark Mirror embodied, one side of the glass transparent and the other blacked out. If the power implications do not seem convincing, try inverting the relationship in your mind: What if a small group of citizens had secret access to the telephone logs and social networks of government officials? How might that privileged knowledge affect their power to shape events? How might their interactions change if they possessed the means to humiliate and destroy the careers of the persons in power? Capability matters, always, regardless of whether it is used. An unfired gun is no less lethal before it is drawn. And in fact, in history, capabilities do not go unused in the long term. Chekhov's famous admonition to playwrights is apt not only in drama, but in the lived experience of humankind. The gun on display in the first act—nuclear warheads, weaponized disease, Orwellian cameras tracking faces on every street—must be fired in the last. The latent power of new inventions, no matter how repellent at first, does not lie forever dormant in government armories.

These could be cast as abstract concerns, but I thought them quite real. By September of that year, it dawned on me that there were also concrete questions that I had not sufficiently explored. Where in the innards of the NSA did the phone records live? What happened to them there? The Snowden archive did not answer those questions directly, but there were clues.

I stumbled across the first clue later that month. I had become interested in the NSA's internal conversation about bulk collection, the acquisition of high-volume data sets in their entirety. Phone records were one of several kinds. The agency had grown more and more adept, brilliantly creative in fact, at finding and swallowing other people's information whole. Lately the NSA had begun to see that it consumed too much to digest. Midlevel managers and engineers sounded notes of alarm in briefings prepared for their chains of command. The cover page of one presentation asked “Is It the End of the SIGINT World as We Have Come to Know It?” The authors tried for a jaunty tone but had no sure answer. The surveillance infrastructure was laboring under serious strain.

One name caught my eye on a chart that listed systems at highest risk: Mainway. I knew that one. NSA engineers had built Mainway in urgent haste after September 11, 2001. Vice President Dick Cheney's office had drafted orders, signed by President George W. Bush, to do something the NSA had never done before. The assignment, forbidden by statute, was to track telephone calls made and received by Americans on American soil. The resulting operation was the lawless precursor of the broader one that I was looking at now.

Mainway came to life alongside Stellarwind, the domestic surveillance program created by Cheney in the first frantic weeks after al Qaeda flew passenger airplanes into the Pentagon and World Trade Center. Stellarwind defined the operation; Mainway was a tool to carry it out.

At the time, the NSA knew how to do this sort of thing with foreign telephone calls, but it did not have the machinery to do it at home.

When NSA director Mike Hayden received the execution order on October 4, 2001 for the Vice President's special program, NSA engineers assembled a system from bare metal and borrowed code within a matter of days, a stupendous achievement under pressure. They commandeered 50 state-of-the-art computer servers from Dell, which was about to ship them to another customer, and lashed them into a quick and dirty but powerful cluster. Hayden cleared out space in a specially restricted wing of OPS 2B, an inner sanctum of the gleaming, mirrored headquarters complex at Fort Meade MD. When the cluster expanded, incorporating some 200 machines, Mainway spilled into an annex in the Tordella Supercomputer Facility nearby. Trusted lieutenants began calling in a small group of analysts, programmers, and mathematicians on October 6 and 7. […]

Nobel laureates and science groups demand NIH review decision to kill coronavirus grant (Science)

Dave Farber
Mon, 25 May 2020 19:25:37 +0900

Doctors tweet about coronavirus to make facts go viral (WSJ)

Kimi Wei
May 25, 2020 at 02:13:51 GMT+9
[Via David Farber's IP list]

Georgia Wells, The Wall Street Journal, 15 May 2020 Doctors Are Tweeting About Coronavirus to Make Facts Go Viral

As dubious Covid-19 claims circulate online, UCSF's Dr. Bob Wachter and others are taking to Twitter

SAN FRANCISCO—Bob Wachter, the chairman of the department of medicine at the University of California, San Francisco, has had a front-row seat to the coronavirus pandemic.

Dr. Wachter's job, at least in part, is to keep the department's 3,000 or so faculty, trainees and staff current on developments in research, education and clinical care. But most days he sets aside at least two hours to keep another group informed: his Twitter followers.

Dr. Wachter, 62 years old, is part of a growing group of scientists and public-health officials who are increasingly active and drawing large audiences on social media. They say they feel a moral obligation to provide credible information online and steer the conversation away from dubious claims, such as those in Plandemic, a video espousing Covid-19 conspiracy theories that drew millions of views last week.

Former Federal Drug Administration commissioner Scott Gottlieb and University of Washington biologist Carl Bergstrom sometimes tweet dozens of times a day. Dr. Wachter said his follower count has tripled since mid-March to more than 64,000.

“Those of us who are the good guys and gals here feel like we have an obligation to put out information that is as correct as it can be,” said Dr. Wachter.

That isn't easy. A new paper in the journal Nature this week found that antivaccination views are drowning out the more mainstream voices online, partly due to the ways antivaccination advocates interact with some users of social media platforms. As a result, researchers predict, antivaccination views “will dominate in a decade.”

Scientists are driven to participate on social media due to “sheer frustration with seeing the misinformation that is going out there,” said Karen James, an independent researcher with a Ph.D. in genetics and an expert in how scientists use social media.

Twitter Inc., which this week said it would start labeling misleading tweets about Covid-19, also says it aims to amplify medical voices on the platform. Since mid-March, Twitter said, it has verified hundreds of Covid-19 experts globally, including scientists and academics. Verifying users adds a blue check mark to their profiles that confers status and indicates that the company has confirmed the user's credentials.

Part of what motivated Dr. Wachter to start tweeting was anxiety about the potential tragedy for the Bay Area, after watching China, Italy and Seattle grappling with outbreaks. “I thought we were on the cusp of an apocalypse,” he said.

Later, when it appeared that the region was flattening the curve, Dr. Wachter was one of the first people to say so publicly, even before the city's department of public health.

Colleagues told him they were reluctant to advise people that San Francisco appeared to be doing well, for fear residents would think the crisis was past and ease up on social distancing. “I am not state media,” Dr. Wachter said. “I will say what I think is going on.”

About 35 people in San Francisco have died of Covid-19, compared with more than 20,000 in New York. “It became a feel-good story at a time when there were very few feel-good stories,” he said.

Dr. Wachter typically writes his tweets in threads, long strings of posts on a single topic or idea; on Wednesday, he posted about masks.

Re: IS: Cannonball Run record is broken SEVEN times over … (RISKS-31.76)

Winston Goodfellow
Mon, May 25, 2020 at 3:33 AM
[From geoff goodfellow, from AND who prolifically writes about cars]

That was the idea behind the Cannonball in the beginning—to show that you can go at high speeds safely. Particularly when a car is properly engineered. There is a great book on the whole thing called “Cannonball The World's Greatest Outlaw Road Race” written by Brock Yates, who started it all. It's a fabulous and very entertaining road trip (excuse the unintended pun) back into the mindset that existed in the 1970s, what brought the event about, the escapades that happened on it, and the creativity in what guys and gals would do to try and cross the country as fast as possible when the police were really out to stop them.

Re: The ultimate Turing test (Shapir, RISKS-31.86)

Henry Baker
Sun, 24 May 2020 16:18:48 -0700
Re: virtual company of fake servicemen

Isn't this taking the old joke “they pretend to pay us; we pretend to work” thing a little too seriously?

Reminds me of Patton's “Ghost Army” from WWII, which we honor on Memorial Day (today) in the U.S.

And famous double agent “Garbo/Alaric”'s fake network of 27 fake spies presumably simultaneously paid by both the Germans and the Brits, who received both the MBE (Brit) and Iron Cross (German) for his outstanding work for both sides in WWII.

Perhaps the famous Russian “Internet Research Agency” is virtually hiring fake trolls to push fake news via Twitter bots?

Now that would be a Netflix original movie for this Truman Show pandemic…

Misinformation (RISKS-31.84 and 31.85)

Peter Bernard Ladkin
25-May-2020 9:09:29-GMT

It is somewhat ironic that, in RISKS-31.85, in which an article on misinformation and its drawbacks for dealing effectively with Covid-19 is commended, one of the Digest's frequent and usually reliable contributors distributes misinformation. As did another in the edition before, RISKS-31.84.

Dmitri Maziuk deprecates what he claims are Neil Ferguson's predictions over the years for various epidemic phenomena. He says inter alia

“And apparently during the 2001 Foot and Mouth outbreak “Ferguson warned the government that 150,000 people could die. Six million animals were slaughtered as a precaution, costing the country billions in farming revenue. In the end, 200 people died.”—ibid”

First, nobody died from Foot and Mouth disease in GB in 2001. It is not an illness of humans. I think it is very unlikely indeed that, of all people, Prof. Ferguson suggested that anyone could die of it.

Second, all the predictions Maziuk quotes use the word “could”. Not “would” or “will” but “could”. Maziuk continues:

“Whether the code is a steaming Pile Of Software is immaterial, really (after 20 years dealing with ‘academic software’ I'm pretty sure it is), when it has a proven track record of being wrong.”

By the time anyone reads this note, I could be dead. If I am still alive, is my last sentence wrong? No. It remains true. If I repeat it in every email I write from now on, will I accumulate “a proven track record of being wrong”? No, at least not through repeating a practical truism.

Predictively modeling the course of an epidemic is what the numerical analysts call an ill-conditioned problem. Wiggle the inputs a little bit and you can get radically different answers to certain outputs, such as “how many die”. That is a property of the problem, not particularly of anyone's code, and is well known to epidemiological modelers. Public pronouncements are caveated by necessarily inexact assumptions concerning key parameter values and other inputs such as social/organisational relationships. Outputs are given in terms of medians and confidence intervals, and those intervals are often very large. Those caveats of inputs and outputs often disappear when reported in the press, and they are not present in Maziuk's summary either.

Prof. Ferguson heads the Medical Research Council Centre for Global Infectious Disease Analysis (GIDA), hosted at Imperial College, London. MRC GIDA produced a report on March 16th (the famous “Report 9”) which said, according to news reports, there could be 250,000 dead from Covid-19 in GB.

Nine days later, on 25 March, Prof. Ferguson, quoting the very same report, told the House of Commons Science and Technology Committee that “fatalities would probably be unlikely to exceed about 20,000.” See the answer to Q24 at Better yet, read the entire evidence for background on what advice the UK government was receiving from scientists, and how.

So did “Prof. Ferguson” say 250,000 fatalities, or did “he” say 20,000 fatalities, in that Report 9? That is, of course, a strikingly ill-posed question. First, the report has 31 authors, and was written “On behalf of the Imperial College COVID-19 Response Team”, so there is an organisation behind its conclusions, not a person. Not only that, but we can assume it was discussed by colleagues at other institutions, as well as by GIDA people, in the UK government's SAGE advisory committee, which was meeting twice a week, and its various subcommittees. Second, what your guess might be as to the total number of fatalities is dependent on your guess as to the values of key parameters of an ill-conditioned problem.

The ill-conditioning is well-illustrated by a thought experiment by James Annan, quoted by the journalist George Monbiot in The Guardian last week. Annan pointed out that starting the UK lockdown a week earlier could have reduced the death toll by a factor of five. Whatever you might think of Annan's modeling (and Henry Baker wouldn't think much, because it is SIR, see below), those figures are an aspect of the real-world problem, not an artifice of the model.

Finally, let me remark on Maziuk's contention that he is “pretty sure” that the code Ferguson's group uses is a “steaming Pile of Software”. Ferguson's group is the only one I know with an in-house dedicated software engineering team (personal communication). Evidently both the Medical Research Council and GIDA Director Prof. Ferguson are convinced that software engineering is an important activity well worth supporting financially. As am I. I am glad they are doing so.

Now on to misinformation purveyed by Henry Baker. Baker says in Risks 31.84 that

[begin quote]
“… century-old Ross/Kermack-McKendrick “R0” differential equation models are still being (ab)used, even though they are fatally flawed. …”
[end quote]

“[F]atally flawed”? Do models die? Whatever. First, it is good to get the history right. Let us do so. The SIR model is indeed Kermack-McKendrick 1927, as is the alternative model used by Fraser. But the reproduction number comes from George McDonald in the 1950's, emphasised and elaborated by Klaus Dietz 20 years later, and finally entered mainstream with the Anderson-May monograph in 1991. See pp53-4 of Adam Kucharski, The Rules of Contagion, Profile Books/Wellcome Collection 20, which refers to Hans Heesterbeek's historical survey, A Brief History of R0 and a Recipe for its Calculation, Acta Biotheoretica 2002, available from

Second, Baker doesn't like R0 (or R/Re/Rt, I take it), for reasons which I fail to understand even after corresponding with him privately. Amongst other things, R is very useful when formulating policy and communicating it to the public. Here is German Chancellor Angela Merkel explaining in a press conference why German states were implementing “lockdown” measures, in terms of when the German health system could be expected to be at capacity, given various values for Rt: This video went viral in Europe, for reasons which are apparent when you watch it. Colleagues in other countries told me they wished they had such politicians.

To me, Baker writes as if all epidemiological modeling is based on the differential-equation SIR conception. There are other models being used, including one based on non-homogeneous Poisson Processes by Grassly and Fraser, and I understand the MRC GIDA model discussed above is agent-based, not SIR. It is worth noting that SIR-based models have made some quite accurate predictions about the current outbreak, including one from the London School of Hygiene and Tropical Medicine CMMID on when the Wuhan Covid-19 outbreak was likely to peak (for references see p2 of my Notes on Covid-19 Part 1: 2020-02-24 to 2020-03-20, accessible from ).
